diff options
| author | Guillaume Girol <symphorien@users.noreply.github.com> | 2021-04-14 19:38:26 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-14 19:38:26 +0000 |
| commit | f1a2ab68186c2ab03c908660e505ebb6bced6577 (patch) | |
| tree | 65da5261e7222c137948efc2fec2d35b0e6d764f /nixos/tests | |
| parent | 1da7201967f7c2287c09ad94ebf3016275b3302f (diff) | |
| parent | 7a87973b4ced86e1ba94ee84449979d6afebc9ea (diff) | |
| download | nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar.gz nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar.bz2 nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar.lz nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar.xz nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.tar.zst nixpkgs-f1a2ab68186c2ab03c908660e505ebb6bced6577.zip | |
Merge pull request #115332 from symphorien/usertype
nixos/users: require one of users.users.name.{isSystemUser,isNormalUser}Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/mysql/mariadb-galera-mariabackup.nix | 6 | ||||
| -rw-r--r-- | nixos/tests/mysql/mariadb-galera-rsync.nix | 6 | ||||
| -rw-r--r-- | nixos/tests/mysql/mysql.nix | 12 | ||||
| -rw-r--r-- | nixos/tests/redis.nix | 3 | ||||
| -rw-r--r-- | nixos/tests/rspamd.nix | 5 | ||||
| -rw-r--r-- | nixos/tests/shadow.nix | 3 | ||||
| -rw-r--r-- | nixos/tests/systemd-confinement.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/unbound.nix | 11 |
8 files changed, 28 insertions, 19 deletions
diff --git a/nixos/tests/mysql/mariadb-galera-mariabackup.nix b/nixos/tests/mysql/mariadb-galera-mariabackup.nix index 0a40c010a47..1c73bc854a5 100644 --- a/nixos/tests/mysql/mariadb-galera-mariabackup.nix +++ b/nixos/tests/mysql/mariadb-galera-mariabackup.nix @@ -31,7 +31,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; @@ -89,7 +89,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; @@ -136,7 +136,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; diff --git a/nixos/tests/mysql/mariadb-galera-rsync.nix b/nixos/tests/mysql/mariadb-galera-rsync.nix index 6fb3cfef8d7..709a8b5085c 100644 --- a/nixos/tests/mysql/mariadb-galera-rsync.nix +++ b/nixos/tests/mysql/mariadb-galera-rsync.nix @@ -31,7 +31,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; @@ -84,7 +84,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; @@ -130,7 +130,7 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { }; + users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; diff --git a/nixos/tests/mysql/mysql.nix b/nixos/tests/mysql/mysql.nix index 50ad5c68aef..c21136416d4 100644 --- a/nixos/tests/mysql/mysql.nix +++ b/nixos/tests/mysql/mysql.nix @@ -9,8 +9,8 @@ import ./../make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { - users.users.testuser = { }; - users.users.testuser2 = { }; + users.users.testuser = { isSystemUser = true; }; + users.users.testuser2 = { isSystemUser = true; }; services.mysql.enable = true; services.mysql.initialDatabases = [ { name = "testdb3"; schema = ./testdb.sql; } @@ -44,8 +44,8 @@ import ./../make-test-python.nix ({ pkgs, ...} : { # Kernel panic - not syncing: Out of memory: compulsory panic_on_oom is enabled virtualisation.memorySize = 1024; - users.users.testuser = { }; - users.users.testuser2 = { }; + users.users.testuser = { isSystemUser = true; }; + users.users.testuser2 = { isSystemUser = true; }; services.mysql.enable = true; services.mysql.initialDatabases = [ { name = "testdb3"; schema = ./testdb.sql; } @@ -75,8 +75,8 @@ import ./../make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { - users.users.testuser = { }; - users.users.testuser2 = { }; + users.users.testuser = { isSystemUser = true; }; + users.users.testuser2 = { isSystemUser = true; }; services.mysql.enable = true; services.mysql.initialScript = pkgs.writeText "mariadb-init.sql" '' ALTER USER root@localhost IDENTIFIED WITH unix_socket; diff --git a/nixos/tests/redis.nix b/nixos/tests/redis.nix index 79a7847414a..28b6058c2c0 100644 --- a/nixos/tests/redis.nix +++ b/nixos/tests/redis.nix @@ -22,11 +22,10 @@ in users.users."member" = { createHome = false; description = "A member of the redis group"; + isNormalUser = true; extraGroups = [ "redis" ]; - group = "users"; - shell = "/bin/sh"; }; }; }; diff --git a/nixos/tests/rspamd.nix b/nixos/tests/rspamd.nix index 7f41e1a7956..f0ccfe7ea0e 100644 --- a/nixos/tests/rspamd.nix +++ b/nixos/tests/rspamd.nix @@ -274,7 +274,10 @@ in I find cows to be evil don't you? ''; - users.users.tester.password = "test"; + users.users.tester = { + isNormalUser = true; + password = "test"; + }; services.postfix = { enable = true; destination = ["example.com"]; diff --git a/nixos/tests/shadow.nix b/nixos/tests/shadow.nix index e5755e8e087..c51961e1fc6 100644 --- a/nixos/tests/shadow.nix +++ b/nixos/tests/shadow.nix @@ -13,14 +13,17 @@ in import ./make-test-python.nix ({ pkgs, ... }: { users = { mutableUsers = true; users.emma = { + isNormalUser = true; password = password1; shell = pkgs.bash; }; users.layla = { + isNormalUser = true; password = password2; shell = pkgs.shadow; }; users.ash = { + isNormalUser = true; password = password4; shell = pkgs.bash; }; diff --git a/nixos/tests/systemd-confinement.nix b/nixos/tests/systemd-confinement.nix index ebf6d218fd6..d04e4a3f867 100644 --- a/nixos/tests/systemd-confinement.nix +++ b/nixos/tests/systemd-confinement.nix @@ -150,6 +150,7 @@ import ./make-test-python.nix { config.users.groups.chroot-testgroup = {}; config.users.users.chroot-testuser = { + isSystemUser = true; description = "Chroot Test User"; group = "chroot-testgroup"; }; diff --git a/nixos/tests/unbound.nix b/nixos/tests/unbound.nix index d4b8bb15ced..ca9718ac633 100644 --- a/nixos/tests/unbound.nix +++ b/nixos/tests/unbound.nix @@ -132,12 +132,15 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: users.users = { # user that is permitted to access the unix socket - someuser.extraGroups = [ - config.users.users.unbound.group - ]; + someuser = { + isSystemUser = true; + extraGroups = [ + config.users.users.unbound.group + ]; + }; # user that is not permitted to access the unix socket - unauthorizeduser = {}; + unauthorizeduser = { isSystemUser = true; }; }; environment.etc = { |